.comment: Going Broadband With a Cable Modem

Bye-bye Telco

September 27, 2000

By
Dennis E. Powell

When my wife and I moved to our little
Connecticut horse farm, we arranged Internet
access ahead of time. Oh, yes, the phone company
representatives said, you'll have high-speed
Internet through snet.net.

Yeah, right.

When we got here, we discovered that the
lines were duplexed, meaning not only that we wouldn't regularly connect
at more than 26,400 bps, but indeed that a higher connect speed wasn't
even possible.

The telephone company kept saying that new
copper was being strung, just wait a little longer.

A little longer came to its end last week.
While I've always thought of cable modems as a ragingly insecure and laughably
nonserious way of getting online, it had become clear that if we wanted
to see websites while we still remembered why we'd gone to them, a cable
modem was the only choice for us.

So, my friends, begins the saga of the arrival
of Charter Pipeline in our home, the problems encountered, and the solutions
we chose. I shall not go into great detail about the mistakes made along
the way, in part because it's embarrassing (and in some cases really embarrassing),
and in part because I hope that this will be useful to others contemplating
the same kind of setup.

The Security Issue

Anyone exploring the switch to a cable modem
will find a multitude of stories having to do with the lack of security.
I do not know if these stories are true, though I was asked to sign a document
stating that I expected no security from Charter Pipeline at all, so I
suppose there might be something to it.

Now. It is possible to set up a software
firewall in Linux, to turn off the multitude of services that distributions
maniacally start by default, and to install software designed to prevent
cracking and to report it if it has taken place. I have some of that installed
(though not a firewall), but as they say in the military, my confidence
level was not high--good enough, maybe, for a dialup, but not for a permanent
connection.

As it happened, I was going to need to add
some hardware anyway: A network card, and a hub, because I wanted to feed
a couple of machines, maybe more. My printer has a network connection available.
I keep a couple of notebook machines around, and there is always a machine
in progress here.

And it happens that you really can't just
plug in the cable modem line--a RJ45 connection--to a hub and send
it out to everyone.

Fortunately, practically everyone in the
network hardware business has now come out with a little box that performs
a multitude of functions: firewall, NAT, and so on. These typically allow
many machines to be served by the same cable (or DSL) connection. It's
plugged in between the cable modem and the hub (or the computer, if only
one machine is involved).

I decided to try to get all three--the
network card, hub, and firewall box--from the same company, on the simple
justification that if I had to phone tech support, it would be more difficult
to lay the blame on one of the other suppliers. My choice was D-Link, because
their products are inexpensive, because they promise Linux support, and
because I was satisfied with their technical support, which I phoned and
talked with before I bought anything. Their answers were satisfying. (And
no, I am not compensated by them in any way, nor did I receive anything
for free.)

After a little additional research, I decided
upon their DFE-530TX+ network cards, which seem solid and which one can
get for under $20 a pop.

Their website talked of a thing called the
DI-704, which combines one of the little firewall-NAT devices with a four-hole
hub. Sounded pretty attractive. Problem was, it wasn't yet available. And
contemplation led me to realize it would have been pretty minimal anyway:
my machine, the printer, my wife's machine--that left only one connection.
So I got their DI-701, which is a one-in, one-out device that I'm counting
upon to protect my home and office network from the bad guys. It feeds
into a separate device, an eight-hole hub, which is then connected to the
computers, the printer (which had a JetDirect card in it when I bought
it), and so on.